Hack week 2025: remove unneeded FBV instances (2) (#53872)
This commit is contained in:
mc
@@ -1,7 +1,7 @@
|
||||
---
|
||||
title: Enforcing policies for code security and analysis for your enterprise
|
||||
intro: 'You can enforce policies to manage the use of {% ifversion security-feature-enablement-policies %}code security and analysis{% else %}{% data variables.product.prodname_GH_advanced_security %}{% endif %} features within your enterprise''s organizations.'
|
||||
permissions: 'Enterprise owners can enforce {% ifversion security-feature-enablement-policies %}code security and analysis{% endif %} policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.'
|
||||
intro: 'You can enforce policies to manage the use of code security and analysis features within your enterprise''s organizations.'
|
||||
permissions: 'Enterprise owners can enforce code security and analysis policies for {% data variables.product.prodname_GH_advanced_security %} in an enterprise.'
|
||||
product: '{% data reusables.gated-features.ghas %}'
|
||||
versions:
|
||||
ghec: '*'
|
||||
@@ -28,22 +28,12 @@ redirect_from:
|
||||
- /admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise
|
||||
shortTitle: Code security & analysis
|
||||
---
|
||||
{% ifversion security-feature-enablement-policies %}
|
||||
|
||||
## About policies for code security and analysis in your enterprise
|
||||
|
||||
You can enforce policies to manage the use of code security and analysis features within organizations owned by your enterprise. You can allow or disallow people with admin access to a repository to enable or disable the security and analysis features.
|
||||
|
||||
Additionally, you can enforce policies for the use of {% data variables.product.prodname_GH_advanced_security %} in your enterprise's organizations and repositories.
|
||||
{% else %}
|
||||
|
||||
## About policies for {% data variables.product.prodname_GH_advanced_security %} in your enterprise
|
||||
|
||||
{% data reusables.advanced-security.ghas-helps-developers %} For more information, see [AUTOTITLE](/get-started/learning-about-github/about-github-advanced-security).
|
||||
|
||||
{% ifversion ghes %}If you purchase a license for {% data variables.product.prodname_GH_advanced_security %}, any{% else %}Any{% endif %} organization on {% data variables.product.prodname_ghe_server %} can use {% data variables.product.prodname_advanced_security %} features. You can enforce policies to control how members of your enterprise on {% data variables.product.product_name %} use {% data variables.product.prodname_advanced_security %}.
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion ghec %}
|
||||
|
||||
@@ -84,16 +74,13 @@ Across all organizations owned by your enterprise, you can allow members with ad
|
||||
{% data reusables.enterprise.role-permission-hierarchy %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %}
|
||||
{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}{% else %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-policies %}{% endif %}{% ifversion security-feature-enablement-policies %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}
|
||||
{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
|
||||
1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "{% data variables.product.prodname_GH_advanced_security %} availability", select the dropdown menu and click a policy for the organizations owned by your enterprise.
|
||||
|
||||
{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}{% endif %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-organization-policy-drop-down %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-individual-organization-policy-drop-down %}
|
||||
|
||||
{% ifversion security-feature-enablement-policies %}
|
||||
|
||||
## Enforcing a policy to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in your enterprise's repositories
|
||||
|
||||
Across all of your enterprise's organizations, you can allow or disallow people with admin access to repositories to manage the use of {% data variables.product.prodname_GH_advanced_security %} features in the repositories. {% data reusables.advanced-security.ghas-must-be-enabled %}
|
||||
@@ -114,8 +101,6 @@ Across all of your enterprise's organizations, you can allow or disallow people
|
||||
{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
|
||||
1. In the "{% data variables.product.prodname_GH_advanced_security %} policies" section, under "Enable or disable {% data variables.product.prodname_secret_scanning %} by repository admins", select the dropdown menu and click a policy.
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion secret-scanning-ai-generic-secret-detection %}
|
||||
|
||||
## Enforcing a policy to manage the use of {% data variables.secret-scanning.generic-secret-detection %} for {% data variables.product.prodname_secret_scanning %} in your enterprise's repositories
|
||||
|
||||
@@ -4,7 +4,7 @@ shortTitle: Configuring dependency review
|
||||
intro: 'To help users understand dependency changes when reviewing pull requests, you can enable, configure, and disable dependency review for {% data variables.product.prodname_ghe_server %}.'
|
||||
product: '{% data reusables.gated-features.dependency-review %}'
|
||||
versions:
|
||||
feature: dependency-review-action-ghes
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Advanced Security
|
||||
|
||||
@@ -23,7 +23,7 @@ topics:
|
||||
|
||||
When you enable {% data variables.product.prodname_GH_advanced_security %} for your enterprise, repository administrators in all organizations can enable the features unless you set up a policy to restrict access. See [AUTOTITLE](/admin/policies/enforcing-policies-for-your-enterprise/enforcing-policies-for-code-security-and-analysis-for-your-enterprise).
|
||||
|
||||
{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
|
||||
{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
|
||||
|
||||
For guidance on a phased deployment of GitHub Advanced Security, see [AUTOTITLE](/code-security/adopting-github-advanced-security-at-scale/introduction-to-adopting-github-advanced-security-at-scale).
|
||||
|
||||
|
||||
@@ -3,7 +3,8 @@ title: Managing GitHub Advanced Security features for your enterprise
|
||||
intro: 'You can control {% data variables.product.prodname_GH_advanced_security %} features that secure and analyze code across all organizations owned by your enterprise.'
|
||||
permissions: 'Enterprise owners can manage {% data variables.product.prodname_advanced_security %} features for organizations in an enterprise.'
|
||||
versions:
|
||||
feature: secret-scanning-enterprise-level
|
||||
ghec: '*'
|
||||
ghes: '*'
|
||||
type: how_to
|
||||
topics:
|
||||
- Alerts
|
||||
@@ -31,7 +32,7 @@ To manage individual {% data variables.product.prodname_GH_advanced_security %}
|
||||
|
||||
{% endif %}
|
||||
|
||||
{% ifversion secret-scanning-enterprise-level-api %}{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}{% endif %}
|
||||
{% data reusables.secret-scanning.secret-scanning-enterprise-level-api %}
|
||||
|
||||
{% ifversion ghes %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/about-billing-for-github-advanced-security).{% elsif ghec %}For information about buying a license for {% data variables.product.prodname_GH_advanced_security %}, see [AUTOTITLE](/billing/managing-billing-for-your-products/managing-billing-for-github-advanced-security/signing-up-for-github-advanced-security).{% endif %}
|
||||
|
||||
|
||||
@@ -36,7 +36,7 @@ If you're an organization owner, you can enable push protection for multiple rep
|
||||
|
||||
Organization owners, security managers, and repository administrators can also enable push protection for {% data variables.product.prodname_secret_scanning %} via the API. For more information, see [AUTOTITLE](/rest/repos#update-a-repository) and expand the "Properties of the `security_and_analysis` object" section.
|
||||
|
||||
{% ifversion secret-scanning-enterprise-level %}
|
||||
{% ifversion ghec or ghes %}
|
||||
|
||||
If your organization is owned by an enterprise account, an enterprise owner can also enable push protection at the enterprise level. For more information, see [AUTOTITLE](/admin/code-security/managing-github-advanced-security-for-your-enterprise/managing-github-advanced-security-features-for-your-enterprise).
|
||||
|
||||
|
||||
@@ -142,11 +142,9 @@ Before defining a custom pattern, you must ensure that you enable secret scannin
|
||||
> * {% data reusables.secret-scanning.dry-runs-enterprise-permissions %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}
|
||||
{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
|
||||
1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.{% else %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-policies %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-security-features %}{% endif %}
|
||||
1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.
|
||||
1. Under "Secret scanning custom patterns", click **New pattern**.
|
||||
{% data reusables.advanced-security.secret-scanning-add-custom-pattern-details %}
|
||||
{%- ifversion custom-pattern-dry-run-ga %}
|
||||
|
||||
@@ -55,11 +55,9 @@ You can enable {% data variables.product.prodname_secret_scanning %} as a push p
|
||||
Before enabling push protection for a custom pattern at enterprise level, you must also{% ifversion custom-pattern-dry-run-ga %} test your custom patterns using dry runs. {% data reusables.secret-scanning.dry-runs-enterprise-permissions %}{% else %} test your custom patterns in a repository before defining them for your entire enterprise, as there is no dry-run functionality. That way, you can avoid creating excess false-positive {% data variables.secret-scanning.alerts %}.{% endif %}
|
||||
|
||||
{% data reusables.enterprise-accounts.access-enterprise %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}{% ifversion security-feature-enablement-policies %}
|
||||
{% data reusables.enterprise-accounts.policies-tab %}
|
||||
{% data reusables.enterprise-accounts.code-security-and-analysis-policies %}
|
||||
1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.{% else %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-policies %}
|
||||
{% data reusables.enterprise-accounts.advanced-security-security-features %}{% endif %}
|
||||
1. Under "{% ifversion code-security-wording-only-enterprise %}Code security{% else %}Code security and analysis{% endif %}", click **Security features**.
|
||||
{% data reusables.advanced-security.secret-scanning-edit-custom-pattern %}
|
||||
|
||||
{% ifversion custom-pattern-dry-run-ga %}
|
||||
|
||||
@@ -85,7 +85,7 @@ For any {% data variables.product.company_short %}-reviewed advisory in the {% d
|
||||
1. Optionally, to filter the list, use the search bar or the drop-down menus. The "Organization" drop-down menu allows you to filter the {% data variables.product.prodname_dependabot_alerts %} per owner (organization or user).
|
||||
1. For more details about the advisory, and for advice on how to fix the vulnerable repository, click the repository name.
|
||||
|
||||
{% ifversion security-advisories-ghes %}
|
||||
{% ifversion ghes %}
|
||||
|
||||
## Accessing the local advisory database on {% data variables.product.prodname_ghe_server %}
|
||||
|
||||
|
||||
@@ -42,7 +42,7 @@ Only repository owners and administrators can edit repository-level security adv
|
||||
|
||||
You can also open a pull request directly on an advisory file in the [github/advisory-database](https://github.com/github/advisory-database) repository. For more information, see the [contribution guidelines](https://github.com/github/advisory-database/blob/main/CONTRIBUTING.md).
|
||||
|
||||
{% ifversion security-advisories-ghes %}
|
||||
{% ifversion ghes %}
|
||||
|
||||
## Editing advisories from {% data variables.product.prodname_ghe_server %}
|
||||
|
||||
|
||||
@@ -1,3 +1 @@
|
||||
{% ifversion secret-scanning-push-protection-email %}
|
||||
When a contributor bypasses a push protection block for a secret, {% data variables.product.prodname_dotcom %} also sends an email alert to the organization owners, security managers, and repository administrators who have opted in for email notifications.
|
||||
{% endif %}
|
||||
|
||||
@@ -9,5 +9,5 @@ When a new secret is detected, {% data variables.product.product_name %} notifie
|
||||
|
||||
You will receive an email notification if:
|
||||
* You are watching the repository.
|
||||
* You have enabled notifications for "All Activity", or for custom "Security alerts" on the repository{% ifversion secret-scanning-notification-settings %}.
|
||||
* In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email.{% endif %}
|
||||
* You have enabled notifications for "All Activity", or for custom "Security alerts" on the repository.
|
||||
* In your notification settings, under "Subscriptions", then under "Watching", you have selected to receive notifications by email.
|
||||
|
||||
Reference in New Issue
Block a user